A vulnerability was found in Envoy through 1.11.1, where users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993. This description came from: https://nvd.nist.gov/vuln/detail/CVE-2019-15225
See related flaw https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14993
Used FixCVE names as this was released in an RHEA: https://access.redhat.com/errata/RHEA-2020:1416